Rundeck未设置环境变量以使用其他ssh端口进行远程执行

Question

Rundeck setsup all the options passed to a job as environment variable like $RD_OPTION_* but it is not setting up those variables when a job is executed in remote node with different ssh port. The script logs into remote node successfully but environment variables are not there. Please help me with a solution.

Sample Job definition:

 <joblist> <job> <context> <options preserveOrder='true'> <option name='option1' required='true' /> </options> </context> <description>job description</description> <dispatch> <excludePrecedence>true</excludePrecedence> <keepgoing>false</keepgoing> <rankOrder>ascending</rankOrder> <threadcount>1</threadcount> </dispatch> <executionEnabled>true</executionEnabled> <id>id</id> <loglevel>DEBUG</loglevel> <name>job name</name> <nodefilters> <filter>name: remote_node</filter> </nodefilters> <nodesSelectedByDefault>true</nodesSelectedByDefault> <notification> <onfailure> <email attachLog='true' recipients='abcdef@xyz.com' subject='job failure :(' /> </onfailure> <onsuccess> <email recipients='abcdef@xyz.com' subject='job succes' /> </onsuccess> </notification> <scheduleEnabled>true</scheduleEnabled> <sequence keepgoing='false' strategy='step-first'> <command> <exec>python path/to/script.py $RD_OPTION_OPTION1 > /path/to/logfile_$RD_JOB_EXECID.log 2>&1</exec> </command> <command> <exec>java -jar path/to/jarfile.jar ${option.option1} >> "/path/to/logfile_${job.execid}.log" 2>&1</exec> </command> </sequence> <uuid>job-uuid</uuid> </job> </joblist> <!-- Here $RD_JOB_EXECID,${job.execid},${option.option1},$RD_OPTION_OPTION1 are not being setup as environment variables when remote node is selected for execution but the same variables are set up as environment variables when executed locally. Rundeck logins to the remote node as user successfully. Log entries are seen in /path/to/logfile_.log file in remote node since $RD_JOB_EXECID has not been set up. the options @option.option1@ are working fine since they have been replaced by rundeck before executing command. Rundeck details: user: rundeck shell: /bin/nologin rundeck logs into remote server as normal user who has all permissions to execute all these scripts/jars. --> 

Note:

Rundeck is not setting up environment variables when executed on remote instance with different ssh port. In this case port is 2808 and the same has been updated in resources.xml as 123.456.789.0:2808 . Rundeck logs into server and executes scripts successfully (without environment variables). Remote instance sshd_config has been configured to accept RD_* variables. The same Environment variables are set up and accessed when logged in using port 22 .

Answer 1

I think you mixed up Rundeck commands arguments and Rundeck environment variables

This is a "Commands, Script Arguments and Job Reference Arguments": ${job.execid}

As its name states, you can use it as a commands arguments. Just like what you did in your job definition.

This is a "Environment Variables": $RD_JOB_EXECID

Without any setup, both work fine if you are running the job on Rundeck server itself, but if you want to dispatch your job to a node, $RD_JOB_EXECID will not work out of box.

To pass environment variables through remote command dispatches, it is required to properly configure the SSH server on the remote end. See the AcceptEnv directive in the "sshd_config(5)" manual page for instructions.

Use a wild card pattern to permit RD_ prefixed variables to provide open access to Rundeck generated environment variables.

 Example in sshd_config:

 # pass Rundeck variables 
 AcceptEnv RD_*

Rundeck SSH Plugins

On Rundeck Server

Make sure you have SendEnv RD_* set in ssh_config

For your usecase, ${job.execid} , ${option.option1} would works perfect with out mess around with sshd_config

---

It DOES work on differect SSH port.

Job Definition in XML

<joblist>
  <job>
    <context>
      <options preserveOrder='true'>
        <option name='nodeFilter' />
      </options>
    </context>
    <description></description>
    <dispatch>
      <excludePrecedence>true</excludePrecedence>
      <keepgoing>false</keepgoing>
      <rankOrder>ascending</rankOrder>
      <threadcount>1</threadcount>
    </dispatch>
    <executionEnabled>true</executionEnabled>
    <group>TEST</group>
    <id>63b6f283-39b2-479d-bba9-b1742bc2ea53</id>
    <loglevel>INFO</loglevel>
    <name>test rundeck job context</name>
    <nodefilters>
      <filter>${option.nodeFilter}</filter>
    </nodefilters>
    <nodesSelectedByDefault>true</nodesSelectedByDefault>
    <scheduleEnabled>true</scheduleEnabled>
    <sequence keepgoing='false' strategy='node-first'>
      <command>
        <script><![CDATA[#!/usr/bin/python
import sys
print "I know ENV_VAR will not work as command line arguments %s " % sys.argv
]]></script>
        <scriptargs> "&gt;${job.execid}&lt; &gt;$RD_JOB_EXECID&lt;"</scriptargs>
      </command>
      <command>
        <script><![CDATA[#!/bin/bash
echo "But it works in Bash"
echo $RD_JOB_ID
echo $RD_JOB_EXECID

echo "Which port does sshd listening on?"
sudo netstat -tulpn | grep 2808]]></script>
        <scriptargs />
      </command>
    </sequence>
    <uuid>63b6f283-39b2-479d-bba9-b1742bc2ea53</uuid>
  </job>
</joblist>

Answer 2

As Yang said it was due to ssh configurations. Likewise AcceptEnv variable in sshd_config there is SendEnv variable in ssh_config so I have to specify RD_* in SendEnv like this SendEnv RD_* in localhost ssh_config which will instruct ssh to send those environment variables to server. I found out the following things that needs to be done when working with environment variables

1. SendEnv needs to be setup in ssh_config file in localhost for sending the environment variables.
2. AcceptEnv needs to be setup in sshd_config file in remote node in order to accept environment variables passed to the server.